Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into ailim

Author: gitName

.openpublishing.redirection.json

@@ -22,15 +22,11 @@ sections:
       - question: |
           What is Microsoft Entra External ID?
         answer: |
-          We announced an early preview of our next-generation Microsoft Entra External ID solution. This early preview represents an evolutionary step in unifying secure and engaging experiences across all external identities including partners, customers, citizens, patients, and others within a single, integrated platform. For more information about the preview, see [What is Microsoft Entra External ID for customers?](../active-directory/external-identities/customers/overview-customers-ciam.md). 
+          We have released our next generation Microsoft Entra External ID product which combines powerful solutions for working with people outside of your organization. With External ID capabilities, you can allow external identities to securely access your apps and resources. Whether you’re working with external partners, consumers, or business customers, users can bring their own identities. These identities can range from corporate or government-issued accounts to social identity providers like Google or Facebook. For more information, see [Introduction to Microsoft Entra External ID](/entra/external-id/external-identities-overview)
       - question: |
           How does this preview affect me?
         answer: |
-          No action is required on your part at this time. The next-generation platform is currently in early preview only. We remain fully committed to supporting your current Azure AD B2C solution. There are no requirements for Azure AD B2C customers to migrate at this time and no plans to discontinue the current Azure AD B2C service. As the next generation platform approaches GA, details will be made available to all our valued B2C customers on available options including migration to the new platform.
-      - question: |
-          How do I participate in the preview?
-        answer: |
-          As the next-generation platform represents our future for customer identity and access management (CIAM), we welcome and encourage your participation and feedback during early preview. If you're interested in joining the early preview, contact your sales team for details. 
+          No action is required on your part at this time. We remain fully committed to supporting your current Azure AD B2C solution. There are no requirements for Azure AD B2C customers to migrate at this time and no plans to discontinue the current Azure AD B2C service. 
   - name: General
     questions:
       - question: |
@@ -119,7 +115,7 @@ sections:
           Currently, you can’t change the "From:" field on the email.
           
           > [!TIP]
-          > With Azure AD B2C [custom policy](custom-policy-overview.md), you can customize the email Azure AD B2C sends to users, including the "From:" field on the email. The custom email verification requires the use of a third-party email provider like [Mailjet](custom-email-mailjet.md), [SendGrid](custom-email-sendgrid.md), or [SparkPost](https://messagebird.com/email/cloud-sending?sp=true).
+          > With Azure AD B2C [custom policy](custom-policy-overview.md), you can customize the email Azure AD B2C sends to users, including the "From:" field on the email. The custom email verification requires the use of a third-party email provider like [Mailjet](custom-email-mailjet.md) or [SendGrid](custom-email-sendgrid.md).
           
       - question: |
           How can I migrate my existing user names, passwords, and profiles from my database to Azure AD B2C?

articles/active-directory-b2c/faq.yml

@@ -46,7 +46,7 @@ To enable sign-in for users with Mobile ID in Azure AD B2C, you need to create a
 
     |Key  |Note  |
     |---------|---------|
-    | Client ID | The Mobile ID client ID. For example, 11111111-2222-3333-4444-555555555555. |
+    | Client ID | The Mobile ID client ID. For example, 00001111-aaaa-2222-bbbb-3333cccc4444. |
     | Client Secret| The Mobile ID client secret.| 
 
 

articles/active-directory-b2c/identity-provider-mobile-id.md

@@ -25,7 +25,7 @@ zone_pivot_groups: b2c-policy-type
 
 ## Create a PingOne application
 
-To enable sign-in for users with a PingOne (Ping Identity) account in Azure Active Directory B2C (Azure AD B2C), you need to create an application in the Ping Identity Administrator Console. For more information, see [Adding or updating an OIDC application](https://docs.pingidentity.com/access/sources/dita/topic?resourceid=p14e_add_update_oidc_application) in the Ping Identity documentation. If you don't already have a PingOne account, you can sign up at [`https://admin.pingone.com/web-portal/register`](https://admin.pingone.com/web-portal/register).
+To enable sign-in for users with a PingOne (Ping Identity) account in Azure Active Directory B2C (Azure AD B2C), you need to create an application in the Ping Identity Administrator Console. If you don't already have a PingOne account, you can sign up at [`https://admin.pingone.com/web-portal/register`](https://admin.pingone.com/web-portal/register).
 
 1. Sign in to the Ping Identity Administrator Console with your PingOne account credentials.
 1. In the left menu of the page, select **Connections**, then next to **Applications**, select **+**.

articles/active-directory-b2c/identity-provider-ping-one.md

@@ -48,7 +48,7 @@ To enable sign-in for users with a SwissID account in Azure AD B2C, you need to
     |Key  |Note  |
     |---------|---------|
     | Environment| The SwissID OpenId well-known configuration endpoint. For example, `https://login.sandbox.pre.swissid.ch/idp/oauth2/.well-known/openid-configuration`. |
-    | Client ID | The SwissID client ID. For example, `11111111-2222-3333-4444-555555555555`. |
+    | Client ID | The SwissID client ID. For example, `00001111-aaaa-2222-bbbb-3333cccc4444`. |
     | Password| The SwissID client secret.| 
 
 

articles/active-directory-b2c/identity-provider-swissid.md

@@ -47,13 +47,13 @@ In this request, the client indicates the permissions that it needs to acquire f
 
 - `{tenant}` with the name of your Azure AD B2C tenant.
 
-- `90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6` with the app ID of the application you've registered in your tenant. 
+- `00001111-aaaa-2222-bbbb-3333cccc4444` with the app ID of the application you've registered in your tenant. 
 
 - `{policy}` with the name of a policy you've created in your tenant, for example `b2c_1_sign_in`.
 
 ```http
 GET https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/authorize?
-client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6
+client_id=00001111-aaaa-2222-bbbb-3333cccc4444
 &response_type=id_token+token
 &redirect_uri=https%3A%2F%2Faadb2cplayground.azurewebsites.net%2F
 &response_mode=fragment
@@ -88,7 +88,7 @@ GET https://aadb2cplayground.azurewebsites.net/#
 access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...
 &token_type=Bearer
 &expires_in=3599
-&scope="90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6 offline_access",
+&scope="00001111-aaaa-2222-bbbb-3333cccc4444 offline_access",
 &id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...
 &state=arbitrary_data_you_sent_earlier
 ```
@@ -175,7 +175,7 @@ In a typical web app flow, you would make a request to the `/token` endpoint. Ho
 
 ```http
 https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/authorize?
-client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6
+client_id=00001111-aaaa-2222-bbbb-3333cccc4444
 &response_type=token
 &redirect_uri=https%3A%2F%2Faadb2cplayground.azurewebsites.net%2F
 &scope=https%3A%2F%2Fapi.contoso.com%2Ftasks.read
@@ -265,4 +265,4 @@ GET https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/
 
 ## Next steps
 
-See the code sample: [Sign-in with Azure AD B2C in a JavaScript SPA](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/b2c).
+See the code sample: [Sign-in with Azure AD B2C in a JavaScript SPA](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/b2c).

articles/active-directory-b2c/implicit-flow-single-page-application.md

@@ -231,7 +231,7 @@ The following claims transformation outputs a JSON string claim that will be the
 
 - Input claims:
   - **email**,  transformation claim type  **customerEntity.email**: "[email protected]"
-  - **objectId**, transformation claim type **customerEntity.userObjectId** "01234567-89ab-cdef-0123-456789abcdef"
+  - **objectId**, transformation claim type **customerEntity.userObjectId** "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb"
   - **givenName**, transformation claim type **customerEntity.firstName** "John"
   - **surname**, transformation claim type **customerEntity.lastName** "Smith"
 - Input parameter:
@@ -244,7 +244,7 @@ The following claims transformation outputs a JSON string claim that will be the
     {
        "customerEntity":{
           "email":"[email protected]",
-          "userObjectId":"01234567-89ab-cdef-0123-456789abcdef",
+          "userObjectId":"aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb",
           "firstName":"John",
           "lastName":"Smith",
           "role":{
@@ -264,7 +264,7 @@ The **GenerateJson** claims transformation accepts plain strings. If an input cl
     {
        "customerEntity":{
           "email":"[\"[email protected]\"]",
-          "userObjectId":"01234567-89ab-cdef-0123-456789abcdef",
+          "userObjectId":"aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb",
           "firstName":"John",
           "lastName":"Smith",
           "role":{

articles/active-directory-b2c/json-transformations.md

@@ -63,7 +63,7 @@ The **InputClaims**, **OutputClaims**, and **PersistClaims** elements are empty
 | refresh_token_lifetime_secs | No | Refresh token lifetimes. The maximum time period before which a refresh token can be used to acquire a new access token, if your application had been granted the offline_access scope. The default is 120,9600 seconds (14 days). The minimum (inclusive) is 86,400 seconds (24 hours). The maximum (inclusive) is 7,776,000 seconds (90 days). |
 | rolling_refresh_token_lifetime_secs | No | Refresh token sliding window lifetime. After this time period elapses the user is forced to reauthenticate, irrespective of the validity period of the most recent refresh token acquired by the application. If you don't want to enforce a sliding window lifetime, set the value of allow_infinite_rolling_refresh_token to `true`. The default is 7,776,000 seconds (90 days). The minimum (inclusive) is 86,400 seconds (24 hours). The maximum (inclusive) is 31,536,000 seconds (365 days). |
 | allow_infinite_rolling_refresh_token | No | If set to `true`, the refresh token sliding window lifetime never expires. |
-| IssuanceClaimPattern | No | Controls the Issuer (iss) claim. One of the values:<ul><li>AuthorityAndTenantGuid - The iss claim includes your domain name, such as `login.microsoftonline` or `tenant-name.b2clogin.com`, and your tenant identifier https:\//login.microsoftonline.com/00000000-0000-0000-0000-000000000000/v2.0/</li><li>AuthorityWithTfp - The iss claim includes your domain name, such as `login.microsoftonline` or `tenant-name.b2clogin.com`, your tenant identifier and your relying party policy name. https:\//login.microsoftonline.com/tfp/00000000-0000-0000-0000-000000000000/b2c_1a_tp_sign-up-or-sign-in/v2.0/</li></ul> Default value: AuthorityAndTenantGuid |
+| IssuanceClaimPattern | No | Controls the Issuer (iss) claim. One of the values:<ul><li>AuthorityAndTenantGuid - The iss claim includes your domain name, such as `login.microsoftonline` or `tenant-name.b2clogin.com`, and your tenant identifier https:\//login.microsoftonline.com/aaaabbbb-0000-cccc-1111-dddd2222eeee/v2.0/</li><li>AuthorityWithTfp - The iss claim includes your domain name, such as `login.microsoftonline` or `tenant-name.b2clogin.com`, your tenant identifier and your relying party policy name. https:\//login.microsoftonline.com/tfp/aaaabbbb-0000-cccc-1111-dddd2222eeee/b2c_1a_tp_sign-up-or-sign-in/v2.0/</li></ul> Default value: AuthorityAndTenantGuid |
 | AuthenticationContextReferenceClaimPattern | No | Controls the `acr` claim value.<ul><li>None - Azure AD B2C doesn't issue the acr claim</li><li>PolicyId - the `acr` claim contains the policy name</li></ul>The options for setting this value are TFP (trust framework policy) and ACR (authentication context reference). It is recommended setting this value to TFP, to set the value, ensure the `<Item>` with the `Key="AuthenticationContextReferenceClaimPattern"` exists and the value is `None`. In your relying party policy, add `<OutputClaims>` item, add this element `<OutputClaim ClaimTypeReferenceId="trustFrameworkPolicy" Required="true" DefaultValue="{policy}" PartnerClaimType="tfp"/>`. Also make sure your policy contains the claim type `<ClaimType Id="trustFrameworkPolicy">	<DisplayName>trustFrameworkPolicy</DisplayName>		<DataType>string</DataType>	</ClaimType>` |
 |RefreshTokenUserJourneyId| No | The identifier of a user journey that should be executed during the [refresh an access token](authorization-code-flow.md#4-refresh-the-token) POST request to the `/token` endpoint. |
 
@@ -79,17 +79,3 @@ The CryptographicKeys element contains the following attributes:
 ## Session management
 
 To configure the Azure AD B2C sessions between Azure AD B2C and a relying party application, in the attribute of the `UseTechnicalProfileForSessionManagement` element, add a reference to [OAuthSSOSessionProvider](custom-policy-reference-sso.md#oauthssosessionprovider) SSO session.
-
-
-
-
-
-
-
-
-
-
-
-
-
-

articles/active-directory-b2c/jwt-issuer-technical-profile.md

@@ -436,7 +436,7 @@ In the following example, English (en) and Spanish (es) custom strings are added
 1. Switch your browser default language to Spanish. Or you can add the query string parameter, `ui_locales` to the authorization request. For example: 
 
 ```http
-https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/B2C_1A_signup_signin/oauth2/v2.0/authorize&client_id=0239a9cc-309c-4d41-12f1-31299feb2e82&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=openid&response_type=id_token&prompt=login&ui_locales=es
+https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/B2C_1A_signup_signin/oauth2/v2.0/authorize&client_id=00001111-aaaa-2222-bbbb-3333cccc4444&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=openid&response_type=id_token&prompt=login&ui_locales=es
 ```
 
 ::: zone-end